Chinese Traders Charged With Trading on Hacked Nonpublic Information Stolen From Two Law Firms
Marks First Time SEC Charges Hacking Into Law Firm Computer Networks
The Securities and Exchange Commission today charged three Chinese traders with fraudulently trading on hacked nonpublic market-moving information stolen from two prominent New York-based law firms, racking up almost $3 million in illegal profits. The SEC also is seeking an asset freeze that prevents the traders from cashing in on their illicit gains. The enforcement action marks the first time the SEC has charged hacking into a law firm’s computer network.
The SEC’s complaint alleges that Iat Hong, Bo Zheng, and Hung Chin executed a deceptive scheme to hack into the networks of two law firms and steal confidential information pertaining to firm clients that were considering mergers or acquisitions.
According to the SEC’s complaint, the alleged hacking incidents involved installing malware on the law firms’ networks, compromising accounts that enabled access to all email accounts at the firms, and copying and transmitting dozens of gigabytes of emails to remote internet locations. Hong and Zheng in particular coveted the emails of attorneys involved in mergers and acquisitions as they exchanged a list of partners who performed the work at one of the law firms prior to the hack at that firm.
In a parallel action, the U.S. Attorney’s Office for the Southern District of New York today announced criminal charges.
“We used enhanced trading surveillance and analysis capabilities that we developed over the last few years to identify the broad scope of the defendants’ alleged scheme, including the use of both U.S. and offshore accounts to carry it out,” said Stephanie Avakian, Acting Director of the SEC’s Enforcement Division. “This action demonstrates our commitment and effectiveness in rooting out cyber-driven schemes no matter how sophisticated.”
“As we allege, the defendants’ ‘hacking to trade’ scheme involved numerous levels of deception as they gained broad access to the nonpublic networks of two law firms, stole confidential information and then used it for substantial personal gain,” said Antonia Chion, Associate Director of the SEC’s Division of Enforcement. “This action marks the end of their alleged deception and serves as a stark reminder to companies and firms that your networks can be vulnerable targets.”
According to the SEC’s complaint, Hong, Zheng, and Chin used the stolen confidential information contained in emails to purchase shares in at least three public companies ahead of public announcements about entering into merger agreements. The SEC alleges that they spent approximately $7.5 million in a one-month period buying shares in semiconductor company Altera Inc. in advance of a 2015 report that it was in talks to be acquired by Intel Corporation. Within 12 hours of emails being extracted from one of the firms, Hong and Chin allegedly began purchasing shares of e-commerce company Borderfree so aggressively that they accounted for at least 25 percent of the company’s trading volume on certain days in advance of the announcement of a 2015 deal. Hong and Zheng also allegedly traded in advance of a 2014 merger announcement involving InterMune, a pharmaceutical company.
The SEC’s complaint charges Hong, Zheng, and Chin with violating the antifraud provisions of the federal securities laws and related rules. The SEC seeks a final judgment ordering them to pay penalties and disgorge ill-gotten gains plus interest and permanently enjoining them from violating the federal securities laws. Hong’s mother is named as a relief defendant in the SEC’s complaint for the purpose of recovering ill-gotten gains in her accounts resulting from her son’s alleged illicit trading.
The SEC’s investigation is continuing, and is being conducted by Jennie B. Krasner, Devon Leppink Staren, and staff in the SEC’s Information Technology Forensics Group with assistance from Wendy Kong. The case is being supervised by Ricky Sachar and Antonia Chion and the litigation is being led by Britt Biles. The SEC appreciates the assistance of the U.S. Attorney’s Office for Southern District of New York, Federal Bureau of Investigation, Hong Kong Securities and Futures Commission, and Financial Industry Regulatory Authority.